Mahara

XSS Vulnerability adding pages into a collection

Bug #1377736 reported by Son Nguyen on 2014-10-05

256

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
Mahara	Fix Released	High	Son Nguyen	Mahara 1.10.0
1.10	Fix Released	High	Son Nguyen	Mahara 1.10.0
15.04	Fix Released	High	Unassigned	Mahara 15.04.0

Bug Description

Version: master (1.10)
Platform, browser: any

Steps to reproduce:

1. Create a page with the title "<script>alert(1);</script>" without the quote
2. Create a collection
3. Add the page into the collection by dragging it.

You will the the alert pop-up window.

Tags:

CVE References

2017-1000138

Revision history for this message

Son Nguyen (ngson2000) wrote on 2014-10-05:

This issue also happens when drag/drop a page into an empty collection

Revision history for this message

Son Nguyen (ngson2000) wrote on 2014-10-05:

https://reviews.mahara.org/#/c/3746

Robert Lyon (robertl-9) on 2014-10-05

Changed in mahara:
milestone:	none → 1.10.0
status:	New → Fix Committed

Son Nguyen (ngson2000) on 2014-10-06

Changed in mahara:
assignee:	nobody → Son Nguyen (ngson2000)

Robert Lyon (robertl-9) on 2014-10-06

Changed in mahara:
importance:	Undecided → High

Aaron Wells (u-aaronw) on 2014-10-21

tags:	added: regression
information type:	Private Security → Public Security

Robert Lyon (robertl-9) on 2015-04-17

Changed in mahara:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.